Skip to content
Snippets Groups Projects
Commit 88bedbde authored by Jared Hancock's avatar Jared Hancock
Browse files

xss: Fix possible XSS vuln in current sequence display

parent e8cedfd6
No related branches found
No related tags found
No related merge requests found
......@@ -33,7 +33,7 @@ class SequenceAjaxAPI extends AjaxController {
elseif (!($sequence = Sequence::lookup($id)))
Http::response(404, 'No such object');
return $sequence->current($_GET['format']);
return $sequence->current(Format::htmlchars($_GET['format']));
}
/**
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment